Thread: not necessarily a bug...
recently I was playing around with psql and tried to log onto a postgresql server so I tried... psql -h 10.0.1.233 dbname and to my suprise, i was in and able to issue commands. what is 'bothering' me is that I was not asked for a password. in defence of the system, I was on a mac os x box logged in as 'postgres' so my current name was postgres. is this correct behaviour? I was expecting to be challenged. Ted __________________________________ Do you Yahoo!? Yahoo! Search - Find what youre looking for faster http://search.yahoo.com
On Tue, Mar 09, 2004 at 02:17:23PM -0800, Theodore Petrosky wrote: > and to my suprise, i was in and able to issue > commands. what is 'bothering' me is that I was not > asked for a password. in defence of the system, I was > on a mac os x box logged in as 'postgres' so my > current name was postgres. > > is this correct behaviour? I was expecting to be > challenged. Documentation is your friend, Ted. You need to read the pg_hba.conf file in your PG_DATA directory, and the documentation which came with the postgres distribution. Additionally, this really isn't a question for hackers@. Alex -- alex@posixnap.net Alex J. Avriette, Unix Systems Gladiator The Emperor Wears No Clothes. http://www.drugsense.org/wodclock.htm
On Tue, Mar 09, 2004 at 07:33:31PM -0500, Alex J. Avriette wrote: > the postgres distribution. Additionally, this really isn't a question > for hackers@. Meep, my apologies, this wasn't sent to hackers@. -- alex@posixnap.net Alex J. Avriette, Solaris Systems Masseur "I ... remain against the death penalty because I feel that eternal boredom with no hope of parole is a much worse punishmentthan just ending it all mercifully with that quiet needle." - Rachel Mills, NC Libertarian Gubernatorial Candidate
Theodore Petrosky <tedpet5@yahoo.com> writes:
> recently I was playing around with psql and tried to
> log onto a postgresql server so I tried...
> psql -h 10.0.1.233 dbname
> and to my suprise, i was in and able to issue
> commands. what is 'bothering' me is that I was not
> asked for a password.
So what have you got in pg_hba.conf? Evidently you've selected an
authentication method that's not password-based.
regards, tom lane
On Tuesday 09 March 2004 22:17, Theodore Petrosky wrote: > recently I was playing around with psql and tried to > log onto a postgresql server so I tried... > > psql -h 10.0.1.233 dbname > is this correct behaviour? I was expecting to be > challenged. Host-based access is controlled via the pg_hba.conf file. Check the settings there, and let us know if you still think there is a problem. -- Richard Huxton Archonet Ltd